SephStorm wrote:I see you dont have GSEC, what GIAC cert did you start with and what experience did you have beforehand?

SephStorm,

I started with the GAWN, then GCFW, GCFA, then the latest GPEN. Experience wise I've worked for the last 5 years in a multi network place were I have the ability to practice on a test network and several live networks. I must admit this helps greatly. I was actually forced into doing SANS courses by my manager. In my position he says it is required to know this stuff (I'm not complaining). So far none of these courses have cost me anything, all paid for by the company. Recently they have purchase several CBT packages for me (CCNP, CCNA IINS, MCTIP). Now I'm getting a year subscription to cbtnuggets. In may I will be attending the 558 course (If the wife allows me to go). My biggest issue is finding the time to do this stuff.

SephStorm wrote:I see you dont have GSEC, what GIAC cert did you start with and what experience did you have beforehand?

SephStorm,

I started with the GAWN, then GCFW, GCFA, then the latest GPEN. Experience wise I've worked for the last 5 years in a multi network place were I have the ability to practice on a test network and several live networks. I must admit this helps greatly. I was actually forced into doing SANS courses by my manager. In my position he says it is required to know this stuff (I'm not complaining). So far none of these courses have cost me anything, all paid for by the company. Recently they have purchase several CBT packages for me (CCNP, CCNA IINS, MCTIP). Now I'm getting a year subscription to cbtnuggets. In may I will be attending the 558 course (If the wife allows me to go). My biggest issue is finding the time to do this stuff.

humv

Gratz on the cert! And lucky you, I've been fighting with my company on obtaining some training as of late

my biggest resistane to the GIAC exams (besides cost) is I dont have the experience that most seem to even before they step into the classroom. I am familiar with Windows, so I considered the GAWN but I work with windows on the T2 sysadmin side, not the defense side (working on it). I'd like to learn firewalls and IDS but I dont have the experience, or the lab setup to learn ATM.

Last edited by SephStorm on Fri Mar 04, 2011 5:38 pm, edited 1 time in total.

SANS is very good at starting at the beginning. All of the courses I've done with SANS have overlapped greatly. This like the TCP/IP model, WEP, WPA and more. The 560 I just passed was the second time I did it. I toke it in the passed but never toke the test. This time I toke the test. I've tried to look into certs like CEH/CHFI but I don't find them as in-depth as to how to use the tools. If you simply start of with the Incident handling course that is a great primer for the rest. I've attend one Community SANS and 3 normal SANS events. By fair the normal SANS events are better. Having said that any training is better than none. I have also take 4 OnDemand Courses and working on my fifth.

The tests are fairly in depth 150 questions and you get 4 hours to complete. They are all multiple choice, I found that two answers can be tossed out right away and the other two are pick the best answer for the question.

Obviously the SANS courses/tests are not for the weak at heart. They take dedication and many hours of studying and practicing. Having said that you do get a good feeling when you complete the test and pass it. BTW they have recently bumped up their pass mark to I believe 74%. Something along the lines of 111 correct.

The practice tests are very close to the actual test. During the test you see your running tally of correct and incorrect answers. I must admit this can be a little un-nerving to say the lest. They provide DVD's with extra information on them for practice.

All in all I like the amount of knowledge they provide you. They don't simple say use this to do this. They say here is tcpdump and with the switch you get hex, with this switch you change the snaplen. The you go through exercises to practice what you have learned. Simple capturing packets from your own machine to look at them is very interesting.